Cybersecurity experts tend to agree that Latin America is attractive to cybercriminals due to the infrastructure gap that exists compared to other regions. Just look at the numbers to confirm this: while 1,515 attacks are detected per minute in Brazil, in Mexico the number rises to 275 attacks per minute, in Colombia to 117 and in Argentina to 33. In addition, it is estimated that the average cost per cyberattack in Latin America exceeds US$ 4 million.
These trends particularly affect companies, since when faced with a cyberattack they not only lose money but also reputation and the trust of their clients or users. “When a company suffers an attack of this nature, it has to recover and that time is usually no less than a week. In addition, if a ransomware attack is suffered and it is not paid, which is usually the recommendation of lawyers, and a secure backup was not made, it is necessary to rebuild or reconstitute what was lost and that will take even more time,” highlights Pablo Pirosanto, Senior Security Architect at Logicalis.
Tips to improve your company's cybersecurity
Although this problem is increasing, companies in the region are already more aware of the importance of cybersecurity and are taking measures to protect themselves. However, specialists say that there is still a lot of work to be done and highlight the most important strategies to consider.
Add cybersecurity professionals or migrate similar profiles
The shortage of cybersecurity professionals is a global problem. According to the World Economic Forum, four million professionals are currently needed to meet the demand of the sector and that number could increase to 85 million by 2030. “The changing threat landscape is increasing the demand for cybersecurity specialists and for them to acquire advanced knowledge the learning curve can be complex and extensive,” explains Pirosanto.
Along these lines, the Logicalis specialist explains that the first option is to hire experts or companies that offer these resources. But if this is not possible, either due to a lack of budget or professionals, it is possible to migrate profiles from other technologies. “They can be reconverted without needing to be native. I have known roles that were in telecommunications or telephony and that migrated to cybersecurity. To achieve this, it is important to train human resources talent hunters to choose people interested in cybersecurity and for this they must have knowledge or technical terminology. This way they can carry out an initial filter to discover desirable talents,” advises Pirosanto.
Training your own staff
Even with more information available for free, the most vulnerable access points in companies continue to be the employees themselves. Among the most frequent attacks is phishing, a technique that consists of deceiving through false messages, emails or other communication channels. Countries such as Mexico, Brazil, Colombia and Argentina reported an increase in this type of crime since 2022, with 85% of companies in the region suffering the consequences.
“All employees of any company should have a training and awareness course on information security because they are the weakest link,” reflects Pirosanto. He adds: “In addition, constant training must be carried out and reinforced if necessary. Knowledge of cybersecurity has improved over the last few years but there is still a lot to do.”
Create budgets before an attack
A recent IBM report highlights that 51% of organizations plan to increase their security investments as a result of a security breach. While it is positive that more than half of corporations decide to create these budgets, it is not necessary to suffer an attack to convince them to do so.
“Companies often hire cybersecurity services and tools after attacks. In general, they do not use them again because they are already protected, but other types of attacks may occur, so they will have to add other tools,” warns Pirosanto. “Although the figures vary greatly depending on the company, it is important to understand that one tool is not enough, since today there are multiple points to protect against attacks,” concludes the Logicalis expert.
Incorporate tools such as Ethical Hacking
There are currently multiple tools with different characteristics to strengthen a company's cybersecurity. One of them is currently gaining popularity and is Ethical Hacking. "It is an activity in which techniques are used to identify vulnerabilities in systems and networks to then carry out tests and strengthen the computer cybersecurity of companies," Pirosanto sums up.
According to the Logicalis specialist, there has been an increase in the demand for ethical hackers due to the growing number of cyberattacks. “Companies and organizations are more aware of the importance of cybersecurity and are investing more in penetration testing and security audits. In addition, they foster a proactive security culture by educating employees on the latest cyberattack techniques and how to mitigate risks,” Pirosanto concludes.
Source: Logicalis - Agencia Vox.